CANDoSA: A Hardware Performance Counter-Based Intrusion Detection System for DoS Attacks on Automotive CAN bus
By Franco Oberti 1, Stefano Di Carlo 2, Alessandro Savino 2
1 Dumarey, Italy
2 Politecnico di Torino, Italy
Abstract
The Controller Area Network (CAN) protocol, essential for automotive embedded systems, lacks inherent security features, making it vulnerable to cyber threats, especially with the rise of autonomous vehicles. Traditional security measures offer limited protection, such as payload encryption and message authentication. This paper presents a novel Intrusion Detection System (IDS) designed for the CAN environment, utilizing Hardware Performance Counters (HPCs) to detect anomalies indicative of cyber attacks. A RISC-V-based CAN receiver is simulated using the gem5 simulator, processing CAN frame payloads with AES-128 encryption as FreeRTOS tasks, which trigger distinct HPC responses. Key HPC features are optimized through data extraction and correlation analysis to enhance classification efficiency. Results indicate that this approach could significantly improve CAN security and address emerging challenges in automotive cybersecurity.
To read the full article, click here
Related Semiconductor IP
- CAN
- CAN XL Verification IP
- Protocol controller IP for Classical CAN / CAN FD / CAN XL
- Protocol controller IP for CAN / CAN FD
- Protocol controller IP for a CAN FD light responder node
Related White Papers
- Interstellar: Fully Partitioned and Efficient Security Monitoring Hardware Near a Processor Core for Protecting Systems against Attacks on Privileged Software
- A Survey on the Design, Detection, and Prevention of Pre-Silicon Hardware Trojans
- SoC interconnect performance verification methodology based on hardware emulator
- HW/SW Interface Generation Flow Based on Abstract Models of System Applications and Hardware Architectures
Latest White Papers
- DRsam: Detection of Fault-Based Microarchitectural Side-Channel Attacks in RISC-V Using Statistical Preprocessing and Association Rule Mining
- ShuffleV: A Microarchitectural Defense Strategy against Electromagnetic Side-Channel Attacks in Microprocessors
- Practical Considerations of LDPC Decoder Design in Communications Systems
- A Direct Memory Access Controller (DMAC) for Irregular Data Transfers on RISC-V Linux Systems
- A logically correct SoC design isn’t an optimized design